Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0efed0b2 by Moritz Muehlenhoff at 2025-03-13T22:49:29+01:00
auto-nfu: Add rule for HCL
- - - - -
9e502d5f by Moritz Muehlenhoff at 2025-03-13T22:52:41+01:00
NFUs
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -93,7 +93,7 @@ CVE-2025-27496 (Snowflake, a platform for using artificial
intelligence in the c
CVE-2025-27138 (DataEase is an open source business intelligence and data
visualizatio ...)
NOT-FOR-US: DataEase
CVE-2025-27107 (Integrated Scripting is a tool for creating scripts for
handling compl ...)
- TODO: check
+ NOT-FOR-US: Integrated Scripting
CVE-2025-27103 (DataEase is an open source business intelligence and data
visualizatio ...)
NOT-FOR-US: DataEase
CVE-2025-25625 (FS Inc S3150 8T2F Switch s3150-8t2f-switch-fsos-220d_118101
has a stor ...)
@@ -139,21 +139,21 @@ CVE-2025-1428 (A maliciously crafted CATPART file, when
parsed through Autodesk
CVE-2025-1427 (A maliciously crafted CATPRODUCT file, when parsed through
Autodesk Au ...)
NOT-FOR-US: Autodesk
CVE-2024-57348 (Cross Site Scripting vulnerability in PecanProject pecan
through v.1.8 ...)
- TODO: check
+ NOT-FOR-US: PecanProject
CVE-2024-57062 (An issue in SoundCloud IOS application v.7.65.2 allows a local
attacke ...)
- TODO: check
+ NOT-FOR-US: SoundCloud IOS app
CVE-2024-55198 (User Enumeration via Discrepancies in Error Messages in the
Celk Siste ...)
- TODO: check
+ NOT-FOR-US: Celk Sistemas Celk Saude
CVE-2024-53406 (Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions
resulti ...)
- TODO: check
+ NOT-FOR-US: Espressif Esp idf
CVE-2024-30143 (HCL AppScan Traffic Recorder fails to adequately neutralize
special ch ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-28803 (Cross-site scripting (XSS) vulnerability in Italtel S.p.A.
i-MCS NFV v ...)
- TODO: check
+ NOT-FOR-US: Italtel
CVE-2024-22880 (Cross Site Scripting vulnerability in Zadarma Zadarma
extension v.1.0. ...)
- TODO: check
+ NOT-FOR-US: Zadarma
CVE-2024-12858 (Delta Electronics CNCSoft-G2 Version 2.1.0.16 and prior lacks
proper ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2024-10942 (The All-in-One WP Migration and Backup plugin for WordPress is
vulnera ...)
NOT-FOR-US: WordPress plugin
CVE-2025-2271 (A vulnerability exists in Issuetrak v17.2.2 and prior that
allows a lo ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -27,6 +27,8 @@
cna: Gallagher
- reason: Google devices
cna: Google_Devices
+- reason: HCL
+ cna: HCL
- reason: Huawei
cna: huawei
- reason: IBM
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/33a69ab1fae1e266b880739e001d6f952513c3e2...9e502d5fc4e892849a866569dbd3f8e1d6d85d1d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/33a69ab1fae1e266b880739e001d6f952513c3e2...9e502d5fc4e892849a866569dbd3f8e1d6d85d1d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
